{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-43366", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-16T15:24:37.114Z", "datePublished": "2025-09-15T22:34:16.609Z", "dateUpdated": "2026-04-02T18:07:53.612Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to disclose coprocessor memory"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory."}], "references": [{"url": "https://support.apple.com/en-us/125110"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:07:53.612Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-09-16T13:41:20.675674Z", "id": "CVE-2025-43366", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-16T17:27:25.109Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Sep/53"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T18:12:39.206Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-43366", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-16T13:41:20.675674Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-16T13:41:22.912Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/125110"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to disclose coprocessor memory"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-09-15T22:34:16.609Z"}}}, "cveMetadata": {"cveId": "CVE-2025-43366", "state": "PUBLISHED", "dateUpdated": "2025-09-16T17:27:25.109Z", "dateReserved": "2025-04-16T15:24:37.114Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-09-15T22:34:16.609Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "39AFEC84-CF6E-4859-8B5A-C5CF3F838A94", "versionEndExcluding": "26.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory."}], "id": "CVE-2025-43366", "lastModified": "2025-11-03T19:16:04.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-09-15T23:15:38.143", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125110"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Sep/53"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T10:50:40.234503+00:00", "value": {"mitigation_remediation": ["Upgrade macOS to version 26 (macOS Tahoe) or later to receive the fixed bounds\u2011checking code.", "Restrict installation of untrusted applications and enforce Gatekeeper to prevent execution of unsigned or compromised binaries.", "Monitor Apple security advisories for any additional mitigation guidance or new exploits."], "summary": {"action": "Patch", "impact": "Memory disclosure of coprocessor data"}, "threat_synthesis": {"affected_systems": "The flaw is present in Apple macOS versions older than macOS Tahoe 26; macOS Tahoe 26 and later contain a fix with improved bounds checking. Any macOS installation using a version prior to this release is susceptible.", "description_and_impact": "The vulnerability is an out\u2011of\u2011bounds read (CWE\u2011125) that allows an application to read data beyond a buffer boundary and potentially access coprocessor memory. A successful exploit could expose sensitive information stored in the coprocessor, such as cryptographic keys or personal data, thereby compromising confidentiality. The flaw affects memory integrity but does not provide execution privileges. The CVSS score of 5.5 indicates a moderate impact.", "risk_and_exploitability": "The EPSS score of less than 1% reflects a very low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog, indicating no proven active exploitation. The likely attack vector is local or requires a malicious application; a malicious app could trigger the read to obtain coprocessor data. Because the issue does not enable code execution, the risk is moderate but merits remediation to protect confidential coprocessor information."}}}}, "created": "2025-09-17T10:06:29.191566+00:00", "title": "Coprocessor Memory Disclosure via Out\u2011of\u2011Bounds Read in macOS", "updated": "2026-04-28T11:00:14.142148+00:00", "vendors": ["apple", "apple$PRODUCT$macos"]}